﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using FluentSecurity;
using FluentSecurity.Policy;

namespace MvcEasyProject.App_Start.Security
{

    public class AdminOnlyPolicy : ISecurityPolicy
    {
        public PolicyResult Enforce(ISecurityContext context)
        {
            return context.CurrentUserRoles().Contains("Administrator") ?
                PolicyResult.CreateSuccessResult(this) :
                PolicyResult.CreateFailureResult(this, "Access denied!");
        }
    }
    //security policy for controller access and/or action access
    public class AdminOnlyPolicyViolationHandler : IPolicyViolationHandler
    {
        public ActionResult Handle(PolicyViolationException exception)
        {
            var r = new System.Web.Routing.RouteValueDictionary();
            r.Add("controller", "Account");
            
            r.Add("action", "Login");
            r.Add("returnUrl", HttpContext.Current.Request.RawUrl);

            return new RedirectToRouteResult("Default", r);
        }
    }

    public class DenyAnonymousAccessPolicyViolationHandler : IPolicyViolationHandler
    {
        public ActionResult Handle(PolicyViolationException exception)
        {
             var r = new  System.Web.Routing.RouteValueDictionary();
            r.Add("controller","Account");
            r.Add("action","Login");
            r.Add("returnUrl", HttpContext.Current.Request.RawUrl);

            return  new RedirectToRouteResult("Default",r );
        }
    }
}